Phishing

Hot glare of the spotlight doesn’t slow BlackByte ransomware gang

Crew's raids continue worldwide, Talos team warns

Research19 May 2022 | 4

Facebook rated least safe e-commerce option in government rankings

Singapore's safety scheme measures scam-combatting capability

Cyber-crime17 May 2022 | 2

Shopping for malware: $260 gets you a password stealer. $90 for a crypto-miner...

We take a look at low, low subscription prices – not that we want to give anyone any ideas

Research14 May 2022 | 6

Anatomy of a campaign to inject JavaScript into compromised WordPress sites

Reverse-engineered code redirects visitors to dodgy corners of the internet

Research13 May 2022 | 8

Phishing operation hits NHS email accounts to harvest Microsoft credentials

You've won $2m! Now just send me a small fee

Security05 May 2022 | 44

Intuit sued over alleged cryptocurrency thefts via Mailchimp intrusion

Financial software giant slammed for 'poor security practices'

Cyber-crime25 Apr 2022 | 13

Russian-linked Shuckworm crew ramps up Ukraine attacks

Cyber-espionage gang using multiple variants of its custom backdoor to ensure persistence, Symantec warns

Security20 Apr 2022 | 4

Criminals adopting new methods to bypass improved defenses, says Zscaler

PhaaS, SMiShing, and remote work drive increase in phishing attacks

Research20 Apr 2022 | 5

US warns North Korean Lazarus gang rising against cryptocurrency outfits

Malware-laced recruitment emails are more Kim job ill than Kim Jong-un

Security20 Apr 2022 | 5

Cybercriminals do their homework for latest banking scam

What could be safer than sending money to yourself through your own bank?

Cyber-crime15 Apr 2022 | 31

Attackers exploit Spring4Shell flaw to let loose the Mirai botnet

Trend Micro says vulnerable systems in Singapore have been compromised

Security11 Apr 2022 | 3

Broader investment in cybersecurity beginning to pay dividends

Improved defenses give organizations more room to negotiate but won't protect from lawsuits, says law firm

Security07 Apr 2022 |

Bank had no firewall license, intrusion or phishing protection – guess the rest

Crooks used RAT to hijack superusers at India's Mahesh Bank, stole millions

Security05 Apr 2022 | 96

Mailchimp: Crook stole cryptocurrency clients' mailing-list subscriber info

Staff socially engineered into handing over internal system credentials

Security05 Apr 2022 | 13

Google: Russian credential thieves target NATO, Eastern European military

Also: Belarusian miscreants pivot to browser-in-the-browser attacks

Security01 Apr 2022 | 12

Ukraine security agency shutters Russian disinformation bot farms

Operators used social media to distort status of fighting, instill panic in residents

Security29 Mar 2022 | 17

Cybercrooks target students with fake job opportunities

Legit employers don't normally send a check before you've started – or ask you to send money to a Bitcoin address

Security29 Mar 2022 | 21

IcedID malware, in the hijacked email thread, with the insecure Exchange servers

Windows backdoor shows off some interesting techniques

Security29 Mar 2022 | 3

China APT group using Russia invasion, COVID-19 in phishing attacks

Mustang Panda deploys variant of Korplug malware to target European officials and ISPs

Security28 Mar 2022 |

We blocked North Korea's Chrome exploit, says Google

Fake Oracle and Disney job ads to lure victims is certainly an interesting choice

Security25 Mar 2022 | 14

How CAPTCHAs can cloak phishing URLs in emails

Select all images of you being duped into providing your credentials

Security17 Mar 2022 | 45

The Windows malware on Ukraine CERT's radar

Government agencies impersonated, fake antivirus, another wiper, backdoors

Security16 Mar 2022 |

Cloudflare buys anti-phishing business Area 1 for $162m

Bolstering email defences to keep cybercrooks at bay

Security24 Feb 2022 | 3

Microsoft offers defense against 'ice phishing' crypto scammers

All right stop, collaborate and listen, 'soft is back with some theft protection

Security18 Feb 2022 | 17

Singapore introduces potent anti-scam measures

Plans to block more scam sites, share liability between banks and customers

Security16 Feb 2022 | 10

Phishing kits' use of man-in-the-middle reverse proxies is growing, warns Proofpoint

Spoof site looks real because it is... but you're not talking to who you think

Security03 Feb 2022 | 10

Singapore gives banks two-week deadline to fix SMS security

Edict follows widespread bank phishing scam claiming well over $6.3 million

Security20 Jan 2022 | 11

Singapore monetary authority threatens action on bank over widespread phishing scam

Updated Scam has claimed 469 victims in December alone, of which OCBC has issued goodwill payments to 30

Security18 Jan 2022 | 11

European Cybercrime Centre confident it's kicked credit card crims – again

Poised to reveal similar haul to 2020's €40M loss prevention total

Security02 Dec 2021 | 4

Google advises passwords are good, spear phishing is bad, and free clouds get attacked

Ad giant's first stab at providing the 'world's premier security advisory' starts with the obvious

Security25 Nov 2021 | 11

Centre for Computing History apologises to customers for 'embarrassing' breach

Updated Website patched following phishing scam, no financial data exposed

Security20 Oct 2021 | 12

Unpatched flaw 'weaponises' Apple AirTags to turn them into the phisherman's friend

XSS vulnerability allows miscreants to hijack phone number field on website

Security29 Sep 2021 | 28

Mafia works remotely, too, it seems: 100+ people suspected of phishing, SIM swapping, email fraud cuffed

Dare we say, these Euro cops ran mobprobe

Security21 Sep 2021 | 10

Aviation-themed phishing campaign pushed off-the-shelf RATs into inboxes for 5 years

Not all promises of international flight itineraries are real, warns Cisco Talos

Security16 Sep 2021 | 2

Brits open doors for tech-enabled fraudsters because they 'don't want to seem rude'

Impersonation scams and smishing rocket, say UK Finance and Which?

Security14 Sep 2021 | 24

Spam is Chipotle's secret ingredient: Marketing email hijacked to dish up malware

Updated More than 120 messages caught trying to filch credentials from customers of USAA Bank, Microsoft

Security29 Jul 2021 | 3

Russian gang behind SolarWinds hack returns with phishing attack disguised as mail from US aid agency

Microsoft says Nobelium scored access to Constant Contact email marketing tool

Security28 May 2021 | 27

Train operator phlunks phishing test by teasing employees with non-existent COVID bonus

Someone at West Midlands Trains approved nasty cybersecurity drill

Security11 May 2021 | 153

Scammers tried slurping folks' login details through 70,000 coronavirus-themed phishing URLs during 2020

Palo Alto Networks lays bare a year of dastardly digital doings

Security24 Mar 2021 | 3

Days before the US election, phishers net $2.3m from Wisconsin Republicans

Big money in American politics proves chum in the water for online sharks

Security29 Oct 2020 | 33

Your anti-phishing test emails may be too easy to spot. NIST has a training tool for that

Phish Scale hopes to make life easier for blue teams gazing at click rates

Software18 Sep 2020 | 21

You have to be very on-trend as a cybercrook – hence why coronavirus-themed phishing is this year's must-have look

F-Secure gives its take on the first half of 2020 in internet scumminess

Security17 Sep 2020 | 6

Things are getting back to normal: Chinese hackers revert to bugging Tibetans after brief Euro campaign

APT phishing crew had COVID-themed fling with the west during height of pandemic, claim researchers

Security02 Sep 2020 | 5

Doctor, doctor, got some sad news, there's been a bad case of hacking you: UK govt investigates email fail

Former trade minister Dr. Liam Fox named as source of leaked trade docs

Security04 Aug 2020 | 80

Twitter says spear-phishing attack hooked its staff and led to celebrity account hijack

Attack came in waves that probed for staff with access to the creds crims craved

Security31 Jul 2020 | 19

UK intel committee on Russia: Social media firms should remove state disinformation. What was that, MI5? ████████?

Also (yikes): A 'complicated wiring diagram of responsibilities amongst ministers' in the event of cyber attack

Security21 Jul 2020 | 56

Southern Water to splash £50m on IT services to purify systems of planning, governance and internal controls

We'll raise a glass of the good stuff to that

Software20 Jul 2020 | 3

Microsoft sues coronavirus phishing spammers to seize their domains amid web app attacks against Office 354.5

A very busy six months for Redmond's Digital Crimes Unit

Security08 Jul 2020 | 21

Hundreds of forgotten corners of mega-corp websites fall into the hands of spammers and malware slingers

Exclusive DNS entries left pointing to Azure-hosted server names snatched by miscreants for mischief

Security07 Jul 2020 | 20

Your 2.3m Instagram fans won't stop the FBI... Web star accused of plotting to launder millions from cyber-crime

Bloke calling himself Hushpuppi extradited, allegedly conspired to steal $100m from English Premier League soccer club among others

Security06 Jul 2020 | 13

Honeypot behind sold-off IP subnet shows Cyberbunker biz hosted all kinds of filth, says SANS Institute

Botnet C2, denial-of-service, phishing – and that's after filtering

Security25 Jun 2020 | 7

Australian PM says nation under serious state-run 'cyber attack' – Microsoft, Citrix, Telerik UI bugs 'exploited'

Won't say who the attackers are working for – just don't mention 中国

Security19 Jun 2020 | 37

Anatomy of a business email scam: FBI dossier details how fraudster pocketed $500k+ by redirecting payments

Electrolux, construction biz fooled into handing over money funneled out of the US to South Africa

Security03 Jun 2020 | 7

Cybercrooks tend to prefer Google-branded phishing to Microsoft-flavoured lures

So says Barracuda Networks, anyway

Security28 May 2020 | 2

There's Norway you're going to believe this: Government investment fund conned out of $10m in cyber-attack

Updated Police pining to drop the Lillehammer on crooks

Security14 May 2020 | 10

Mama mia! Nintendo in need of a plumber after leak sprays N64, GameCube, Wii code

Roundup Plus: Cognizant cognisant of whopping $70m in damage, malware creeps hit hospital firm, phishing campaigns, and much more

Security11 May 2020 | 8